<HTML>
<HEAD>
<META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
- <TITLE>The DXSpider Administration Manual v1.47: Information, files and useful programs</TITLE>
+ <TITLE>The DXSpider Administration Manual v1.48: Security</TITLE>
<LINK HREF="adminmanual-8.html" REL=next>
<LINK HREF="adminmanual-6.html" REL=previous>
<LINK HREF="adminmanual.html#toc7" REL=contents>
<A HREF="adminmanual-6.html">Previous</A>
<A HREF="adminmanual.html#toc7">Contents</A>
<HR>
-<H2><A NAME="s7">7. Information, files and useful programs</A></H2>
+<H2><A NAME="s7">7. Security</A></H2>
-<H2><A NAME="ss7.1">7.1 MOTD</A>
-</H2>
-
-<P>One of the more important things a cluster sysop needs to do is to get
-information to his users. The simplest way to do this is to have a banner
-that is sent to the user on login. This is know as a "message of the day"
-or "motd". To set this up, simply create a file in /spider/data called motd
-and edit it to say whatever you want. It is purely a text file and will be
-sent automatically to anyone logging in to the cluster.
-<P>
-<H2><A NAME="ss7.2">7.2 Downtime message</A>
-</H2>
-
-<P>If for any reason the cluster is down, maybe for upgrade or maintenance but
-the machine is still running, a message can be sent to the user advising them
-of the fact. This message lives in the /spider/data directory and is called
-"offline". Simply create the file and edit it to say whatever you wish.
-This file will be sent to a user attempting to log into the cluster when
-DXSpider is not actually running.
+<P>From version 1.49 DXSpider has some additional security features. These
+are not by any means meant to be exhaustive, however they do afford some
+security against piracy. These two new features can be used independently
+of each other or in concert to tighten the security.
<P>
-<H2><A NAME="ss7.3">7.3 Other text messages</A>
+<H2><A NAME="ss7.1">7.1 Registration</A>
</H2>
-<P>You can set other text messages to be read by the user if they input the file
-name. This could be for news items or maybe information for new users.
-To set this up, make a directory under /spider called <EM>packclus</EM>.
-Under this directory you can create files called <EM>news</EM> or <EM>newuser</EM>
-for example. In fact you can create files with any names you like. These can
-be listed by the user with the command ....
+<P>The basic principle of registration is simple. If a user is not registered
+by the sysop, then they have read-only access to the cluster. The only
+thing they can actually send is a talk or a message to the sysop. In
+order for them to be able to spot, send announces or talks etc the sysop
+must register them with the <EM>set/register</EM> command, like this ...
<P>
<BLOCKQUOTE><CODE>
<PRE>
-show/files
+set/register g0vgs
</PRE>
</CODE></BLOCKQUOTE>
-<P>They can be read by the user by typing the command ....
+<P>The user g0vgs can now fully use the cluster. In order to enable
+registration, you can issue the command ...
<P>
<BLOCKQUOTE><CODE>
<PRE>
-type news
+set/var $main::reqreg = 1
</PRE>
</CODE></BLOCKQUOTE>
-<P>If the file they want to read is called <EM>news</EM>. You could also set
-an alias for this in the Alias file to allow them just to type <EM>news</EM>
+<P>Any users that are not registered will now see the motd_nor file rather
+than the motd file as discussed in the Information, files and useful
+programs section.
<P>
-<P>You can also store other information in this directory, either directly or
-nested under directories. One use for this would be to store DX bulletins
-such as the OPDX bulletins. These can be listed and read by the user.
-To keep things tidy, make a directory under /spider/packclus called
-<EM>bulletin</EM>. Now copy any OPDX or similar bulletins into it. These
-can be listed by the user in the same way as above using the <EM>show/files</EM>
-command with an extension for the bulletin directory you have just created,
-like this ....
+<P>Entering this line at the prompt will only last for the time the cluster
+is running of course and would not be present on a restart. To make the
+change permanent, add the above line to /spider/scripts/startup. To
+read more on the startup file, see the section on Information, files
+and useful programs.
<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-show/files bulletin
-</PRE>
-</CODE></BLOCKQUOTE>
-<P>
-<P>An example would look like this ....
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-sh/files
-bulletin DIR 20-Dec-1999 1715Z news 1602 14-Dec-1999 1330Z
-</PRE>
-</CODE></BLOCKQUOTE>
-<P>You can see that in the files area (basically the packclus directory) there is a
-file called <EM>news</EM> and a directory called <EM>bulletin</EM>. You can
-also see that dates they were created. In the case of the file <EM>news</EM>,
-you can also see the time it was last modified, a good clue as to whether the
-file has been updated since you last read it. To read the file called
-<EM>news</EM> you would simply issue the command ....
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-type news
-</PRE>
-</CODE></BLOCKQUOTE>
-<P>To look what is in the bulletin directory you issue the command ....
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-show/files bulletin
-opdx390 21381 29-Nov-1999 1621Z opdx390.1 1670 29-Nov-1999 1621Z
-opdx390.2 2193 29-Nov-1999 1621Z opdx391 25045 29-Nov-1999 1621Z
-opdx392 35969 29-Nov-1999 1621Z opdx393 15023 29-Nov-1999 1621Z
-opdx394 33429 29-Nov-1999 1621Z opdx394.1 3116 29-Nov-1999 1621Z
-opdx395 24319 29-Nov-1999 1621Z opdx396 32647 29-Nov-1999 1621Z
-opdx396.1 5537 29-Nov-1999 1621Z opdx396.2 6242 29-Nov-1999 1621Z
-opdx397 18433 29-Nov-1999 1621Z opdx398 19961 29-Nov-1999 1621Z
-opdx399 17719 29-Nov-1999 1621Z opdx400 19600 29-Nov-1999 1621Z
-opdx401 27738 29-Nov-1999 1621Z opdx402 18698 29-Nov-1999 1621Z
-opdx403 24994 29-Nov-1999 1621Z opdx404 15685 29-Nov-1999 1621Z
-opdx405 13984 29-Nov-1999 1621Z opdx405.1 4166 29-Nov-1999 1621Z
-opdx406 28934 29-Nov-1999 1621Z opdx407 24153 29-Nov-1999 1621Z
-opdx408 15081 29-Nov-1999 1621Z opdx409 23234 29-Nov-1999 1621Z
-Press Enter to continue, A to abort (16 lines) >
-</PRE>
-</CODE></BLOCKQUOTE>
-<P>You can now read any file in this directory using the type command, like this ....
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-type bulletin/opdx391
-Ohio/Penn DX Bulletin No. 391
-The Ohio/Penn Dx PacketCluster
-DX Bulletin No. 391
-BID: $OPDX.391
-January 11, 1999
-Editor Tedd Mirgliotta, KB8NW
-Provided by BARF-80 BBS Cleveland, Ohio
-Online at 440-237-8208 28.8k-1200 Baud 8/N/1 (New Area Code!)
-Thanks to the Northern Ohio Amateur Radio Society, Northern Ohio DX
-Association, Ohio/Penn PacketCluster Network, K1XN & Golist, WB2RAJ/WB2YQH
-& The 59(9) DXReport, W3UR & The Daily DX, K3TEJ, KN4UG, W4DC, NC6J, N6HR,
-Press Enter to continue, A to abort (508 lines) >
-</PRE>
-</CODE></BLOCKQUOTE>
-<P>The page length will of course depend on what you have it set to!
+<P>To unregister a user use <EM>unset/register</EM> and to show the list
+of registered users, use the command <EM>show/register</EM>.
<P>
-<H2><A NAME="ss7.4">7.4 The Aliases file</A>
+<H2><A NAME="ss7.2">7.2 Passwords</A>
</H2>
-<P>You will find a file in /spider/cmd/ called Aliases. First, copy this file to
-/spider/local_cmd/Aliases and edit this file. You will see something like this ...
+<P>At the moment, passwords only affect users who login to a DXSpider
+cluster node via telnet. If a user requires a password, they can
+either set it themselves or have the sysop enter it for them by using
+the <EM>set/password</EM> command. Any users who already have passwords,
+such as remote sysops, will be asked for their passwords automatically
+by the cluster. Using passwords in this way means that the user has a
+choice on whether to have a password or not. To force the use of
+passwords at login, issue the command ...
<P>
<BLOCKQUOTE><CODE>
<PRE>
-
-#!/usr/bin/perl
-
-# provide some standard aliases for commands for terminally
-# helpless ak1a user (helpless in the sense that they never
-# read nor understand help files)
-
-# This file is automagically reloaded if its modification time is
-# later than the one stored in CmdAlias.pm
-
-# PLEASE make this file consistant with reality! (the patterns MUST
-# match the filenames!)
-
-# Don't alter this file, copy it into the local_cmd tree and modify it.
-# This file will be replaced everytime I issue a new release.
-
-# You only need to put aliases in here for commands that don't work as
-# you desire naturally, e.g sh/dx on its own just works as you expect
-# so you need not add it as an alias.
-
-
-
-package CmdAlias;
-
-%alias = (
- '?' => [
- '^\?', 'apropos', 'apropos',
- ],
- 'a' => [
- '^ann.*/full', 'announce full', 'announce',
- '^ann.*/sysop', 'announce sysop', 'announce',
- '^ann.*/(.*)$', 'announce $1', 'announce',
- ],
- 'b' => [
- ],
- 'c' => [
- ],
- 'd' => [
- '^del', 'kill', 'kill',
- '^del\w*/fu', 'kill full', 'kill',
- '^di\w*/a\w*', 'directory all', 'directory',
- '^di\w*/b\w*', 'directory bulletins', 'directory',
- '^di\w*/n\w*', 'directory new', 'directory',
- '^di\w*/o\w*', 'directory own', 'directory',
- '^di\w*/s\w*', 'directory subject', 'directory',
- '^di\w*/t\w*', 'directory to', 'directory',
- '^di\w*/f\w*', 'directory from', 'directory',
- '^di\w*/(\d+)', 'directory $1', 'directory',
- ],
- 'e' => [
- ],
- 'f' => [
- ],
- 'g' => [
- ],
- 'h' => [
- ],
- 'i' => [
- ],
- 'j' => [
- ],
- 'k' => [
- ],
- 'l' => [
- '^l$', 'directory', 'directory',
- '^ll$', 'directory', 'directory',
- '^ll/(\d+)', 'directory $1', 'directory',
- ],
- 'm' => [
- ],
- 'n' => [
- '^news', 'type news', 'type',
- ],
- 'o' => [
- ],
- 'p' => [
- ],
- 'q' => [
- '^q', 'bye', 'bye',
- ],
- 'r' => [
- '^r$', 'read', 'read',
- '^rcmd/(\S+)', 'rcmd $1', 'rcmd',
- ],
- 's' => [
- '^s/p$', 'send', 'send',
- '^sb$', 'send noprivate', 'send',
- '^set/home$', 'set/homenode', 'set/homenode',
- '^set/nobe', 'unset/beep', 'unset/beep',
- '^set/nohe', 'unset/here', 'unset/here',
- '^set/noan', 'unset/announce', 'unset/announce',
- '^set/nodx', 'unset/dx', 'unset/dx',
- '^set/nota', 'unset/talk', 'unset/talk',
- '^set/noww', 'unset/wwv', 'unset/wwv',
- '^set/nowx', 'unset/wx', 'unset/wx',
- '^sh$', 'show', 'show',
- '^sh\w*/buck', 'dbshow buck', 'dbshow',
- '^sh\w*/bu', 'show/files bulletins', 'show/files',
- '^sh\w*/c/n', 'show/configuration nodes', 'show/configuration',
- '^sh\w*/c$', 'show/configuration', 'show/configuration',
- '^sh\w*/com', 'dbavail', 'dbavail',
- '^sh\w*/dx/(\d+)-(\d+)', 'show/dx $1-$2', 'show/dx',
- '^sh\w*/dx/(\d+)', 'show/dx $1', 'show/dx',
- '^sh\w*/dx/d(\d+)', 'show/dx from $1', 'show/dx',
- '^sh\w*/email', 'dbshow email', 'dbshow',
- '^sh\w*/hftest', 'dbshow hftest', 'dbshow',
- '^sh\w*/vhftest', 'dbshow vhftest', 'dbshow',
- '^sh\w*/qsl', 'dbshow qsl', 'dbshow',
- '^sh\w*/tnc', 'who', 'who',
- '^sh\w*/up', 'show/cluster', 'show/cluster',
- '^sh\w*/w\w*/(\d+)-(\d+)', 'show/wwv $1-$2', 'show/wwv',
- '^sh\w*/w\w*/(\d+)', 'show/wwv $1', 'show/wwv',
- '^sp$', 'send', 'send',
-
- ],
- 't' => [
- '^ta$', 'talk', 'talk',
- '^t$', 'talk', 'talk',
- ],
- 'u' => [
- ],
- 'v' => [
- ],
- 'w' => [
- '^wx/full', 'wx full', 'wx',
- '^wx/sysop', 'wx sysop', 'wx',
- ],
- 'x' => [
- ],
- 'y' => [
- ],
- 'z' => [
- ],
-)
+set/var $main::passwdreq = 1
</PRE>
</CODE></BLOCKQUOTE>
-<P>You can create aliases for commands at will. Beware though, these may not
-always turn out as you think. Care is needed and you need to test the
-results once you have set an alias.
+<P>at the cluster prompt. This can also be added to the /spider/scripts/startup
+file as above to make the change permanent.
<P>
-<H2><A NAME="ss7.5">7.5 Console.pl</A>
-</H2>
-
-<P>In later versions of Spider a simple console program is provided for the sysop.
-This has a type ahead buffer with line editing facilities and colour for spots,
-announces etc. To use this program, simply use console.pl instead of client.
+<P>Of course, if you do this you will have to assign a password for each of
+your users. If you were asking them to register, it is anticipated that
+you would ask them to send you a message both to ask to be registered and
+to give you the password they wish to use.
<P>
-<P>To edit the colours, copy /spider/perl/Console.pl to /spider/local and edit the
-file with your favourite editor.
-<P>
-<H2><A NAME="ss7.6">7.6 Updating kepler data</A>
-</H2>
-
-<P>Spider has a powerful and flexible show/satellite command. In order for
-this to be accurate, the kepler data has to be updated regularly. In
-general, this data is available as an email or via cluster mail.
-Updating it is simple. First you need to export the mail message as a
-file. You do this with the <EM>export</EM> command from the cluster prompt
-as the sysop. For example ...
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-export 5467 /spider/perl/keps.in
-</PRE>
-</CODE></BLOCKQUOTE>
-<P>would export message number 5467 as a file called keps.in in the
-/spider/perl directory.
-<P>Now login to a VT as sysop and cd /spider/perl. There is a command in
-the perl directory called <EM>convkeps.pl</EM>. All we need to do now is
-convert the file like so ...
-<P>
-<BLOCKQUOTE><CODE>
-<PRE>
-./convkeps.pl keps.in
-</PRE>
-</CODE></BLOCKQUOTE>
-<P>Now go back to the cluster and issue the command ...
+<P>Should a user forget their password, it can be reset by the sysop by
+first removing the existing password and then setting a new one like so ...
<P>
<BLOCKQUOTE><CODE>
<PRE>
-load/keps
+unset/password g0vgs
+set/password g0vgs new_password
</PRE>
</CODE></BLOCKQUOTE>
-<P>That is it! the kepler data has been updated.
-<P>
-<H2><A NAME="ss7.7">7.7 The QRZ callbook</A>
-</H2>
-
-<P>The command <EM>sh/qrz</EM> will only work once you have followed a few
-simple steps. First you need to get a user ID and password from qrz.com.
-Simply go to the site and create one. Secondly you need to copy the file
-/spider/perl/Internet.pm to /spider/local and alter it to match your user
-ID and password. You also at this point need to set $allow=1 to complete
-the setup. Many thanks to Fred Lloyd, the proprieter of
-<A HREF="http://www.qrz.com">qrz.com</A> for allowing this access.
<P>
<HR>
<A HREF="adminmanual-8.html">Next</A>
projects / spider.git / blobdiff